Nmap Security Scanner
*Intro
*Ref Guide
*Install Guide
*Download
*Changelog
*Book
*Docs
Security Lists
*Nmap Hackers
*Nmap Dev
*Bugtraq
*Full Disclosure
*Pen Test
*Basics
*More
Security Tools
*Pass crackers
*Sniffers
*Vuln Scanners
*Web scanners
*Wireless
*Exploitation
*Packet crafters
*More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:
edgeos



Full Disclosure: Re: list noise

Re: list noise

From: <dcdave_at_att.net>
Date: Sun, 02 Jan 2005 13:56:19 +0000

I will NOT respond to this;
I will NOT respond to this;
I will Not respond to this;

dcdave 

--
CSO
InfoSec Group
703-626-6516		
	
 -------------- Original message ----------------------
From: phased <phased_at_mail.ru>
> 
> I also care about noise, and responding to stupid mails makes it worse.
> Every time people send stupid mails like the rm file thing, and people reply to 
> the list, the author was successful in filling the list with crap for a day or 
> so.
> 
> If no one replies, then they dont get attention and the people who know their 
> advisories(anyone with common sense) are blatantly crap will not be affected by 
> their nuisance.
> 
> You always get a load of emails to the list from people who want to tell 
> everyone they know that an advisory for example was crap, yes we know
> thank you, but we are not handing out gold stars today!!!
> No need to tell us all every time!!!
> 
> phased
> 
> -----Original Message-----
> From: Barrie Dempster <barrie_at_reboot-robot.net>
> To: full-disclosure_at_lists.netsys.com
> Date: Thu, 30 Dec 2004 09:36:07 +0000
> Subject: RE: [Full-disclosure] Multiple Backdoors found in eEye Products(IRISand 
> SecureIIS)
> 
> > I'd have to agree with the eEye statement on this one. You sent out an
> > advisory without disclosing the details, which offers no real benefit to
> > anyone. Many people consider this responsible disclosure but that also
> > requires you to notify the vendor (there were no @eeye.com's in your
> > "to" list but there were a couple of press mailboxes).
> > 
> > You didn't contact eEye, you didn't release details, you used an
> > anonymous address and failed to mention or credit any of the other guys
> > in your "testing team", This can only lead us to believe that the
> > advisory is fake and only intended to generate bad press for eEye. I
> > personally don't care about eEye's PR rating but I do care about the
> > level of noise on these lists and I do care about backdoor-ed commercial
> > products that are in common use. You may have an issue with eEye and see
> > this as revenge. However, I doubt you also have an issue with the many
> > admins who probably have spent their holiday season investigating these
> > claims, when there are likely more pressing matters to address, such as
> > a large stock of alcohol.
> > 
> > Show us details, or be quiet. If you intended to embarrass eEye the plan
> > backfired as any competent professional on this list (there are a few -
> > I've heard stories about them) would see this as a shameful attempt and
> > would be laughing at you, not eEye.
> > 
> > Seasons greetings to eEye and all Full Disclosure subscribers - even you
> > "Lance Gusto".
> > 
> > With Regards..
> > Barrie Dempster (zeedo) - Fortiter et Strenue
> > 
> >   http://www.bsrf.org.uk
> > 
> > [ gpg --recv-keys --keyserver www.keyserver.net 0x96025FD0 ]
> > 
> > 
> > 
> > 
> > 
> > ATTACHMENT: application/pgp-signature ("signature.asc")
> > 
> > _______________________________________________
> > Full-Disclosure - We believe in it.
> > Charter: http://lists.netsys.com/full-disclosure-charter.html
> > 
> > 
> _______________________________________________
> Full-Disclosure - We believe in it.
> Charter: http://lists.netsys.com/full-disclosure-charter.html
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html
Received on Jan 02 2005
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]